Cryptology ePrint Archive: Report 2003/241
Hybrid Broadcast Encryption and Security Analysis
Shaoquan Jiang ang Guang Gong
Abstract: A broadcast encryption scheme for stateless receivers
is a data distribution method which
never updates users' secret information while in order to maintain the
security the system
efficiency decreases with the number of revoked users.
Another method, a rekeying scheme is a data distribution approach
where it revokes
illegal users in an {\em explicit} and {\em immediate} way whereas it
may cause inconvenience for users.
A hybrid approach that appropriately combines these two types of
mechanisms
seems resulting in a good scheme.
In this paper, we suggest such a
hybrid framework by proposing a rekeying algorithm for subset cover
broadcast encryption
framework (for stateless receivers) due to Naor et al. Our rekeying
algorithm
can simultaneously revoke a number of users.
A hybrid approach that appropriately combines these two types of
mechanisms
seems resulting in a good scheme.
In this paper, we suggest such a
hybrid framework by proposing a rekeying algorithm for subset cover
broadcast encryption
framework (for stateless receivers) due to Naor et al. Our rekeying
algorithm
can simultaneously revoke a number of users.
As an important contribution, we formally prove that this hybrid
framework has a pre-CCA like security, where in addition to pre-CCA
power, the adversary is allowed to {\em adaptively}
corrupt and revoke users.
Finally, we realize the hybrid framework by
two secure concrete schemes that are
based on complete subtree method and Asano
method, respectively.
Category / Keywords: Broadcast Encryption, traitor tracing, copyright management
Publication Info: unpublished
Date: received 20 Nov 2003, last revised 30 Jan 2004
Contact author: jiangshq at calliope uwaterloo ca
Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Note: All comments and suggestions are wellcome.
Version: 20040130:174303 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]